It is recommended that 12.1 RU6 be installed if 12.1 RU5 is still giving issues. It increased kernel support to 3.10.0-229 to coincide with RHEL 7 Update 1.
Supported Linux kernels for Symantec Endpoint Protection
http://www.symantec.com/docs/TECH223240
Excerpt: The following Linux operating systems (and kernel versions) have been tested and should successfully install and enable the precompiled kernel modules for AutoProtect:
- Red Hat Enterprise Linux 7.0 GA (3.10.0-123)
- Red Hat Enterprise Linux 7 Update 1 (3.10.0-229)
- Red Hat Enterprise Linux 6 Update 6 (2.6.32-504)
- Red Hat Enterprise Linux 5 Update 11 (2.6.18-398)
- CentOS 6 Update 6 (2.6.32-504)
- SuSE Linux Enterprise Server 11 (2.6.27)
- Oracle Enterprise Linux UEK 6.5 (3.8.13-55)
The following Linux operating systems (and kernel versions) have been tested and should successfully install and enable the auto-compiled kernel modules for AutoProtect:
- CentOS 7.0 (3.10.0-123)
- CentOS 7 Update 1 (3.10.0-229)
- Ubuntu 13.04 (3.9.8)
- Ubuntu 14.04 LTS Desktop (3.13)
Note: This list should not be considered complete and exclusive. Linux operating systems and kernels that do not appear on this list may successfully install and enable the Auto-Protect kernel module.
It is also important to ensure that there is sufficient disk space available to process newly released definitions. At present we highly recommend 5 - 10 GB free in /tmp and /opt/Symantec.
At a minimum you need to have 7 GB free disk space overall:
https://support.symantec.com/en_US/article.TECH230602.html#SEPClientLinuxSysReq
Confirming that the SEP for Linux drivers are installed can also help confirm whether the SEP client will report correctly, if at all, to the SEPM (let alone properly function).
The lsmod command can confirm this. Just look for symap_* and symev_* in the list. If they are missing, it is recommended that the client be uninstalled and reinstalled.
In-depth review of the sepfl-install.log will show if any errors were reported during install, as will /var/log/messages and /var/symantec/Logs/debug.log. If posted we can certainly take a look and provide feedback.